Key Findings NGINX vulnerability CVE-2026-42945 (CVSS 9.2) is actively exploited in the wild days after public disclosure Heap buffer overflow in ngx_http_rewrite_module affects NGINX versions 0.6.27 through 1.30.0 Flaw can crash worker processes or enable remote code execution on systems with ASLR disabled Exploitation requires specific NGINX configuration knowledge and crafted HTTP requests VulnCheck detected weaponized exploitation attempts against honeypot networks Two cr